There are several different ways that networks within your cloud environment can be deployed. Listed below are the most common deployments that we see.
Virtual Machines are deployed in containers called vApps that can be used to group one or more VMs. When deploying a new network, you can choose to deploy one that is specific to only that vApp. Once that network has been created, you can then choose if/how the vApp network connects to other networks within your environment. This allows you to have greater control over how traffic flows , for example, you can increase security by segmenting machines that may be at higher risk from the rest of your network or creating an extra layer of separation between the rest of your network and machines that have particularly sensitive data. You can create a vApp network by following the steps listed in Add a vApp Network.
Org Networks are networks that can be used across multiple vApps to connect machines as needed. These networks can be created in one of two basic ways, Isolated or Routed.
- Routed - A routed network connects directly to the edge gateway and can be used to send & receive internet traffic, connect to IPSec tunnels setup on the edge gateway, etc.
- Isolated - These networks have no connection to the edge gateway, and therefore no connection to the outside world. These networks are used to allow machines to communicate within your cloud environment without being exposed to the internet.
Steps for creating org networks can be found in Org Networks On vApps and VMs